Should I remove “Heur.MSIL.Benin.2”?

The Heur.MSIL.Benin.2 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Heur.MSIL.Benin.2 virus can do?

Presents an Authenticode digital signature
The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs

How to determine Heur.MSIL.Benin.2?


File Info:
crc32: A1ED9F23
md5: 5ca2b46c0d565c76a1646df8ac4214e5
name: 5CA2B46C0D565C76A1646DF8AC4214E5.mlw
sha1: 716164e56b5aaec1e588e5b371c3a5ec7781fec6
sha256: deb7db440af7b551c0faed5dec1bd5d555b6de5ff56d127ea1355a013a9208f5
sha512: 6d4ef4b488554155702b759cbe4e5f3f916a78c77fd1c22ac230bcb4d31ae8fb293bcd88007d1e452eb19793658e653906fbf0f6d986359feaae3faa25b8eca9
ssdeep: 24576:7erVrzjRetPMS3F3oJiIMdpNa76xoezFsXqTLkslYzBLG:qhRetPHZcJ76anslYBa
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
LegalCopyright: WhatsApp
InternalName: WhatsApp
FileVersion: 0.3.416
CompanyName: WhatsApp
SquirrelAwareVersion: 1
ProductName: WhatsApp
ProductVersion: 0.3.416
FileDescription: WhatsApp
OriginalFilename: WhatsApp
Translation: 0x0409 0x04b0

Heur.MSIL.Benin.2 also known as:

Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
ALYac	Gen:Heur.MSIL.Benin.2
Cylance	Unsafe
Zillya	Downloader.Agent.Win32.366567
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_70% (D)
Alibaba	TrojanDownloader:Win32/Generic.922087ad
Cybereason	malicious.c0d565
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Packed.Azorult-9852769-1
Kaspersky	HEUR:Trojan-Downloader.Win32.Agent.gen
BitDefender	Gen:Heur.MSIL.Benin.2
MicroWorld-eScan	Gen:Heur.MSIL.Benin.2
Ad-Aware	Gen:Heur.MSIL.Benin.2
Sophos	Mal/Generic-S
BitDefenderTheta	Gen:NN.ZemsilF.34170.or2@aG6yATji
McAfee-GW-Edition	Artemis!Trojan
FireEye	Generic.mg.5ca2b46c0d565c76
Emsisoft	Gen:Heur.MSIL.Benin.2 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.MSIL.Agent.o
Avira	HEUR/AGEN.1142900
eGambit	PE.Heur.InvalidSig
Antiy-AVL	Trojan/Generic.ASMalwS.27F6CB9
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Heur.MSIL.Benin.2
McAfee	Artemis!5CA2B46C0D56
Panda	Trj/GdSda.A
Fortinet	MSIL/Kryptik.PBC!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Heur.MSIL.Benin.2?

Heur.MSIL.Benin.2 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X